Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x-mRP8onzyt_zcKsZBuvxCQyTjI.roa
File: x-mRP8onzyt_zcKsZBuvxCQyTjI.roa (raw, json)
Hash identifier: x7Mc9eGNI+3DuZhMHliusLI0HBoqIZGEDzVFX0V9Y10=
Subject key identifier: C7:E9:91:3F:CA:27:CF:2B:7F:CD:C2:AC:64:1B:AF:C4:24:32:4E:32
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198C74ECAE3B0BD5B89465F9044803808BE
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x-mRP8onzyt_zcKsZBuvxCQyTjI.roa
Signing time: Wed 20 Aug 2025 11:48:06 +0000
ROA not before: Wed 20 Aug 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.203.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.240.2.0/24 maxlen: 24
151.240.16.0/24 maxlen: 24
151.240.77.0/24 maxlen: 24
151.240.82.0/24 maxlen: 24
151.240.89.0/24 maxlen: 24
151.240.112.0/23 maxlen: 24
151.240.114.0/23 maxlen: 24
151.240.116.0/23 maxlen: 24
151.240.120.0/23 maxlen: 24
151.240.124.0/23 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.152.0/24 maxlen: 24
151.240.153.0/24 maxlen: 24
151.240.163.0/24 maxlen: 24
151.240.173.0/24 maxlen: 24
151.240.228.0/24 maxlen: 24
151.240.231.0/24 maxlen: 24
151.240.232.0/24 maxlen: 24
151.240.239.0/24 maxlen: 24
151.240.241.0/24 maxlen: 24
151.240.242.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.241.0.0/17 maxlen: 24
151.241.4.0/24 maxlen: 24
151.241.7.0/24 maxlen: 24
151.241.15.0/24 maxlen: 24
151.241.25.0/24 maxlen: 24
151.241.27.0/24 maxlen: 24
151.241.50.0/24 maxlen: 24
151.241.64.0/18 maxlen: 24
151.241.65.0/24 maxlen: 24
151.241.74.0/23 maxlen: 24
151.241.117.0/24 maxlen: 24
151.241.128.0/17 maxlen: 24
151.242.19.0/24 maxlen: 24
151.242.51.0/24 maxlen: 24
151.242.52.0/22 maxlen: 24
151.242.136.0/23 maxlen: 24
151.242.144.0/23 maxlen: 24
151.242.192.0/20 maxlen: 24
151.242.200.0/22 maxlen: 22
151.242.202.0/23 maxlen: 24
151.242.204.0/22 maxlen: 24
151.242.206.0/24 maxlen: 24
151.242.224.0/22 maxlen: 24
151.242.252.0/23 maxlen: 24
151.242.252.0/24 maxlen: 24
151.243.16.0/20 maxlen: 20
151.243.18.0/23 maxlen: 24
151.243.28.0/22 maxlen: 24
151.243.44.0/22 maxlen: 24
151.243.83.0/24 maxlen: 24
151.243.100.0/22 maxlen: 24
151.243.108.0/23 maxlen: 24
151.243.123.0/24 maxlen: 24
151.243.136.0/22 maxlen: 22
151.243.152.0/22 maxlen: 24
151.243.156.0/24 maxlen: 24
151.243.157.0/24 maxlen: 24
151.243.158.0/24 maxlen: 24
151.243.171.0/24 maxlen: 24
151.243.173.0/24 maxlen: 24
151.243.175.0/24 maxlen: 24
151.243.200.0/24 maxlen: 24
151.243.204.0/22 maxlen: 24
151.243.206.0/23 maxlen: 24
151.243.212.0/23 maxlen: 24
151.243.220.0/24 maxlen: 24
151.243.223.0/24 maxlen: 24
151.243.226.0/24 maxlen: 24
151.243.229.0/24 maxlen: 24
151.243.230.0/23 maxlen: 24
151.243.237.0/24 maxlen: 24
151.243.239.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
151.243.247.0/24 maxlen: 24
151.243.248.0/22 maxlen: 24
151.243.252.0/23 maxlen: 24
151.244.14.0/24 maxlen: 24
151.244.42.0/24 maxlen: 24
151.244.44.0/24 maxlen: 24
151.244.46.0/24 maxlen: 24
151.244.50.0/24 maxlen: 24
151.244.70.0/24 maxlen: 24
151.244.85.0/24 maxlen: 24
151.244.88.0/24 maxlen: 24
151.244.103.0/24 maxlen: 24
151.244.109.0/24 maxlen: 24
151.244.119.0/24 maxlen: 24
151.244.120.0/24 maxlen: 24
151.244.121.0/24 maxlen: 24
151.244.122.0/24 maxlen: 24
151.244.126.0/24 maxlen: 24
151.244.128.0/18 maxlen: 24
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.216.0/22 maxlen: 24
151.244.232.0/22 maxlen: 24
151.244.236.0/23 maxlen: 24
151.244.242.0/23 maxlen: 24
151.244.244.0/23 maxlen: 24
151.244.246.0/23 maxlen: 24
151.244.250.0/23 maxlen: 24
151.244.252.0/22 maxlen: 24
151.245.0.0/17 maxlen: 24
151.245.1.0/24 maxlen: 24
151.245.3.0/24 maxlen: 24
151.245.4.0/24 maxlen: 24
151.245.24.0/23 maxlen: 24
151.245.28.0/23 maxlen: 24
151.245.60.0/22 maxlen: 24
151.245.88.0/22 maxlen: 24
151.245.116.0/22 maxlen: 24
151.245.128.0/17 maxlen: 24
151.245.160.0/21 maxlen: 24
151.245.176.0/21 maxlen: 24
151.245.216.0/21 maxlen: 24
151.245.224.0/21 maxlen: 24
151.245.248.0/21 maxlen: 24
151.246.0.0/17 maxlen: 24
151.246.127.0/24 maxlen: 24
151.246.128.0/17 maxlen: 24
151.247.0.0/17 maxlen: 24
151.247.128.0/17 maxlen: 24
151.247.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 12:24:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:4e:ca:e3:b0:bd:5b:89:46:5f:90:44:80:38:08:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 20 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7e9913fca27cf2b7fcdc2ac641bafc424324e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:93:1c:f9:ff:73:1a:09:45:5d:c6:b8:fb:41:
69:da:b4:ae:02:cd:89:2f:82:96:34:1e:df:a0:19:
7e:62:32:ed:47:19:c0:56:f2:32:6e:f3:53:8e:a9:
af:de:86:42:28:e1:d9:d4:53:05:4f:35:bb:fb:92:
9a:83:c7:3f:c8:d9:14:38:13:2e:2c:a5:e3:8f:46:
ae:de:5e:74:ee:56:db:9b:a1:fb:89:11:ff:e0:fb:
ea:6b:29:aa:6d:93:6f:d4:5f:f0:9d:de:c1:50:b3:
9b:b1:76:15:93:e4:63:db:94:c7:ee:9f:a0:a5:1d:
da:5b:2a:9e:a3:08:7c:f1:18:37:59:57:90:2e:12:
16:a4:48:0e:ea:f7:03:63:f7:24:c6:13:08:6b:9e:
28:48:d5:a3:ff:6f:4c:78:8b:74:4c:f6:c0:70:3d:
4a:09:ed:1b:9a:c3:b2:a8:a1:66:30:f7:c9:bd:c0:
35:1c:95:1a:aa:dd:7c:c4:63:b2:65:a0:96:3c:0a:
43:54:c1:d5:a7:4d:64:a9:e7:8f:2c:1b:48:d2:33:
aa:82:d2:7e:ed:39:a9:08:f5:52:be:ae:ca:72:2f:
0f:61:74:ec:a7:74:b8:85:c1:3a:21:da:2d:fe:83:
f2:f3:87:fb:9e:c4:88:1f:61:d3:61:5f:76:88:97:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E9:91:3F:CA:27:CF:2B:7F:CD:C2:AC:64:1B:AF:C4:24:32:4E:32
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x-mRP8onzyt_zcKsZBuvxCQyTjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.203.0/24
37.202.212.0/23
151.240.2.0/24
151.240.16.0/24
151.240.77.0/24
151.240.82.0/24
151.240.89.0/24
151.240.112.0-151.240.117.255
151.240.120.0/23
151.240.124.0/23
151.240.145.0/24
151.240.152.0/23
151.240.163.0/24
151.240.173.0/24
151.240.228.0/24
151.240.231.0-151.240.232.255
151.240.239.0/24
151.240.241.0-151.240.242.255
151.240.247.0/24
151.240.249.0-151.240.250.255
151.241.0.0/16
151.242.19.0/24
151.242.51.0-151.242.55.255
151.242.136.0/23
151.242.144.0/23
151.242.192.0/20
151.242.224.0/22
151.242.252.0/23
151.243.16.0/20
151.243.44.0/22
151.243.83.0/24
151.243.100.0/22
151.243.108.0/23
151.243.123.0/24
151.243.136.0/22
151.243.152.0-151.243.158.255
151.243.171.0/24
151.243.173.0/24
151.243.175.0/24
151.243.200.0/24
151.243.204.0/22
151.243.212.0/23
151.243.220.0/24
151.243.223.0/24
151.243.226.0/24
151.243.229.0-151.243.231.255
151.243.237.0/24
151.243.239.0/24
151.243.243.0/24
151.243.247.0-151.243.253.255
151.244.14.0/24
151.244.42.0/24
151.244.44.0/24
151.244.46.0/24
151.244.50.0/24
151.244.70.0/24
151.244.85.0/24
151.244.88.0/24
151.244.103.0/24
151.244.109.0/24
151.244.119.0-151.244.122.255
151.244.126.0/24
151.244.128.0/18
151.244.216.0/22
151.244.232.0-151.244.237.255
151.244.242.0-151.244.247.255
151.244.250.0-151.247.255.255
Signature Algorithm: sha256WithRSAEncryption
84:d3:c5:ca:c5:07:b9:76:65:96:fd:5f:19:0b:98:64:64:ca:
db:2f:e6:c3:eb:1f:60:60:d5:63:9c:83:22:d5:72:c3:28:8b:
f2:57:ee:ae:7a:a9:b1:88:59:f6:eb:1a:c1:6f:9f:07:d9:85:
88:a8:a0:fb:96:e2:bd:64:7a:e0:ad:8d:ed:31:16:61:1e:c7:
7a:f1:cc:c6:27:22:e2:61:c6:98:df:71:42:31:79:f0:17:ce:
39:a3:3b:1f:9e:cc:f1:7e:da:e1:19:c7:2d:2b:a2:c1:e0:66:
57:d6:04:f4:68:58:6e:1b:49:39:27:59:75:f6:84:e1:3e:54:
27:f5:68:ee:b8:6b:3d:1f:f2:0a:03:4c:28:38:23:6b:ba:7d:
a5:07:d7:f1:15:9b:e2:70:da:6f:20:14:fa:6c:42:a1:68:95:
ca:45:17:8c:79:9b:25:8f:f0:ad:4d:1b:17:d1:3b:d0:c5:06:
7d:fa:ba:c9:b2:35:6e:f3:26:d7:48:73:30:c5:db:9e:c8:7f:
60:f5:f9:26:10:63:29:6d:a1:86:93:42:6e:36:23:52:77:de:
e1:10:2c:9a:5a:c1:5b:cf:53:57:01:d8:51:83:27:3a:15:31:
85:20:8e:6e:28:73:c1:69:70:9f:1b:43:c2:25:35:0d:1f:c8:
c9:1b:ab:ea
-----BEGIN CERTIFICATE-----
MIIG9zCCBd+gAwIBAgISAZjHTsrjsL1biUZfkESAOAi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIwMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U5OTEzZmNhMjdjZjJiN2ZjZGMyYWM2NDFiYWZjNDI0MzI0ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZMc+f9zGglFXca4+0Fp2rSuAs2J
L4KWNB7foBl+YjLtRxnAVvIybvNTjqmv3oZCKOHZ1FMFTzW7+5Kag8c/yNkUOBMu
LKXjj0au3l507lbbm6H7iRH/4PvqaymqbZNv1F/wnd7BULObsXYVk+Rj25TH7p+g
pR3aWyqeowh88Rg3WVeQLhIWpEgO6vcDY/ckxhMIa54oSNWj/29MeIt0TPbAcD1K
Ce0bmsOyqKFmMPfJvcA1HJUaqt18xGOyZaCWPApDVMHVp01kqeePLBtI0jOqgtJ+
7TmpCPVSvq7Kci8PYXTsp3S4hcE6Idot/oPy84f7nsSIH2HTYV92iJcwtwIDAQAB
o4IEAzCCA/8wHQYDVR0OBBYEFMfpkT/KJ88rf83CrGQbr8QkMk4yMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveC1tUlA4b256eXRfemNLc1pCdXZ4Q1F5VGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFwYIKwYBBQUHAQcBAf8EggIGMIICAjCCAf4EAgABMIIB
9gMEACXKwQMEACXKywMEASXK1AMEAJfwAgMEAJfwEAMEAJfwTQMEAJfwUgMEAJfw
WTAMAwQEl/BwAwQBl/B0AwQBl/B4AwQBl/B8AwQAl/CRAwQBl/CYAwQAl/CjAwQA
l/CtAwQAl/DkMAwDBACX8OcDBACX8OgDBACX8O8wDAMEAJfw8QMEAJfw8gMEAJfw
9zAMAwQAl/D5AwQAl/D6AwMAl/EDBACX8hMwDAMEAJfyMwMEA5fyMAMEAZfyiAME
AZfykAMEBJfywAMEApfy4AMEAZfy/AMEBJfzEAMEApfzLAMEAJfzUwMEApfzZAME
AZfzbAMEAJfzewMEApfziDAMAwQDl/OYAwQAl/OeAwQAl/OrAwQAl/OtAwQAl/Ov
AwQAl/PIAwQCl/PMAwQBl/PUAwQAl/PcAwQAl/PfAwQAl/PiMAwDBACX8+UDBAOX
8+ADBACX8+0DBACX8+8DBACX8/MwDAMEAJfz9wMEAZfz/AMEAJf0DgMEAJf0KgME
AJf0LAMEAJf0LgMEAJf0MgMEAJf0RgMEAJf0VQMEAJf0WAMEAJf0ZwMEAJf0bTAM
AwQAl/R3AwQAl/R6AwQAl/R+AwQGl/SAAwQCl/TYMAwDBAOX9OgDBAGX9OwwDAME
AZf08gMEA5f08DALAwQBl/T6AwMDl/AwDQYJKoZIhvcNAQELBQADggEBAITTxcrF
B7l2ZZb9XxkLmGRkytsv5sPrH2Bg1WOcgyLVcsMoi/JX7q56qbGIWfbrGsFvnwfZ
hYiooPuW4r1keuCtje0xFmEex3rxzMYnIuJhxpjfcUIxefAXzjmjOx+ezPF+2uEZ
xy0rosHgZlfWBPRoWG4bSTknWXX2hOE+VCf1aO64az0f8goDTCg4I2u6faUH1/EV
m+Jw2m8gFPpsQqFolcpFF4x5myWP8K1NGxfRO9DFBn36usmyNW7zJtdIczDF257I
f2D1+SYQYyltoYaTQm42I1J33uEQLJpawVvPU1cB2FGDJzoVMYUgjm4oc8FpcJ8b
Q8IlNQ0fyMkbq+o=
-----END CERTIFICATE-----
Generated at Wed Aug 20 21:32:58 2025 by rpki-client